Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12
  1. #11
    Regal Making Handler
    Join Date
    Jun 2002
    This may well be:Troj/Crater-A

    Details here:http://www.sophos.com/virusinfo/anal...ojcratera.html
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  2. #12
    Senior Member
    Join Date
    Jul 2004
    Originally posted here by FanacooL
    These two processes are what I would aim at first.

    O1 - Hosts: lloydstsb.co.uk
    O1 - Hosts: online.lloydstsb.co.uk
    O1 - Hosts: www.lloydstsb.co.uk
    O1 - Hosts: www.lloydstsb.com
    O1 - Hosts: personal.barclays.co.uk
    O1 - Hosts: barclays.co.uk
    O1 - Hosts: ibank.barclays.co.uk
    O1 - Hosts: www.barclays.co.uk
    O1 - Hosts: www.nwolb.com
    O1 - Hosts: nwolb.com
    O1 - Hosts: hsbc.co.uk
    O1 - Hosts: www.hsbc.co.uk
    O1 - Hosts: abbey.com
    O1 - Hosts: www.abbey.com
    O1 - Hosts: www.abbey.co.uk
    O1 - Hosts: abbey.co.uk
    O1 - Hosts: cahoot.com
    O1 - Hosts: www.cahoot.com
    O1 - Hosts: www.cahoot.co.uk
    O1 - Hosts: cahoot.co.uk
    O1 - Hosts: www.co-operativebank.co.uk
    O1 - Hosts: co-operativebank.co.uk
    O1 - Hosts: www.co-operativebank.com
    O1 - Hosts: co-operativebank.com
    O1 - Hosts: welcome2.co-operativebankonline.co.uk
    O1 - Hosts: welcome6.co-operativebankonline.co.uk
    O1 - Hosts: welcome8.co-operativebankonline.co.uk
    O1 - Hosts: welcome10.co-operativebankonline.co.uk
    O1 - Hosts: www.smile.co.uk
    O1 - Hosts: smile.co.uk
    O1 - Hosts: www.cajamar.es
    O1 - Hosts: cajamar.es
    O1 - Hosts: www.cajamar.com
    O1 - Hosts: www.unicaja.es
    O1 - Hosts: unicaja.es
    O1 - Hosts: www.unicaja.com
    O1 - Hosts: unicaja.com
    O1 - Hosts: www.caixagalicia.es
    O1 - Hosts: caixagalicia.es
    O1 - Hosts: www.caixagalicia.com
    O1 - Hosts: caixagalicia.com
    O1 - Hosts: activa.caixagalicia.es
    O1 - Hosts: www.caixapenedes.es
    O1 - Hosts: caixapenedes.es
    O1 - Hosts: www.caixapenedes.com
    O1 - Hosts: caixapenedes.com
    O1 - Hosts: bancae.caixapenedes.com
    O1 - Hosts: www.caixasabadell.es
    O1 - Hosts: caixasabadell.es
    O1 - Hosts: www.caixasabadell.net
    O1 - Hosts: caixasabadell.net
    O1 - Hosts: www.cajamadrid.es
    O1 - Hosts: cajamadrid.es
    O1 - Hosts: www.cajamadrid.com
    O1 - Hosts: cajamadrid.com
    O1 - Hosts: oi.cajamadrid.es
    O1 - Hosts: www.ccm.es
    O1 - Hosts: ccm.es
    O1 - Hosts: d-ru-1f.kaspersky-labs.com
    O1 - Hosts: d-ru-1h.kaspersky-labs.com
    O1 - Hosts: d-ru-2f.kaspersky-labs.com
    O1 - Hosts: d-ru-2h.kaspersky-labs.com
    O1 - Hosts: d-eu-2f.kaspersky-labs.com
    O1 - Hosts: d-eu-2h.kaspersky-labs.com
    O1 - Hosts: d-eu-1f.kaspersky-labs.com
    O1 - Hosts: d-eu-1h.kaspersky-labs.com
    O1 - Hosts: d-us-1f.kaspersky-labs.com
    O1 - Hosts: d-us-1h.kaspersky-labs.com
    O1 - Hosts: downloads1.kaspersky.ru
    O1 - Hosts: downloads2.kaspersky.ru
    O1 - Hosts: downloads3.kaspersky.ru
    O1 - Hosts: downloads4.kaspersky.ru
    O1 - Hosts: downloads5.kaspersky.ru
    O1 - Hosts: www.kaspersky.ru
    O1 - Hosts: kaspersky.ru
    O1 - Hosts: kaspersky-labs.com
    O1 - Hosts: www.kaspersky-labs.com
    O4 - HKLM\..\Run: [ff] 221.exe
    O4 - HKLM\..\RunServices: [ff] 221.exe
    O4 - HKCU\..\Run: [ff] 221.exe
    Remove all of those lines, unless for some reason you added those to your host file yourself. The way to remove the 221.exe file would be to install MS Antispyware (Which is looks like you have running), then boot off of LiveCD such as BartPE. From this you can delete the files since they won't ever start. Then when you boot back into your main OS, the files should not bootup. If there is anything else that is adding them back into startup and recreating them the anti-spyware program will stop them from being added.

    At this point your can remove any registry entries that correlate.

    You will want to update your signatures in both the anti-spyware and your AV and run a full scan on your system after this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.